f***ing rogue antivirus has made itself at home on my PC

Yeah, start ‘msconfig’ and check whether anything suspicious is set to run at startup; check the file paths, go browse there and look for suspicious files… That’s how I hunt malicious stuff when my AV has trouble.
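The same hunt done from a script rather than by clicking through msconfig, as an added example that is not code from the original post. It assumes Windows with PowerShell 2.0 or later and an elevated prompt; it lists the Run/RunOnce entries, the Winlogon Shell and Userinit values, and the .exe file-type handler, resolves each to a file and flags what deserves a look. The exe-handler check is one a practitioner would add for the symptom described further down the thread (ordinary programs won't start, cmd and regedit do); nothing in the thread confirms that is what happened on that machine. The user-data-directory heuristic is taken from the later post that found the files under Local Settings\Application Data. The script is read-only.

```powershell
# Added example (not code from the original post): list the autostart entries
# msconfig shows, resolve each one to a file, and flag the ones that deserve a
# look. Assumes Windows with PowerShell 2.0 or later, run from an elevated
# prompt. Read-only: it deletes and changes nothing.

$runKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce'
)
$winlogonKey   = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
$exeHandlerKey = 'HKLM:\SOFTWARE\Classes\exefile\shell\open\command'

# Per-user data and temp directories: one of the heuristics below, not proof.
$userDataDirs = @($env:LOCALAPPDATA, $env:APPDATA, $env:TEMP) | Where-Object { $_ }

function Get-ExecutablePath([string]$command) {
    # "C:\Program Files\x\y.exe" /arg  or  C:\x\y.exe /arg  ->  C:\...\y.exe
    $command = [Environment]::ExpandEnvironmentVariables($command.Trim())
    if ($command -match '^"([^"]+)"')                          { return $Matches[1] }
    if ($command -match '^(.+?\.(exe|dll|scr|com|bat|cmd))\b') { return $Matches[1] }
    return ($command -split '\s+')[0]
}

function Get-SuspicionReasons([string]$path) {
    if (-not (Test-Path -LiteralPath $path -PathType Leaf)) { return @('target file missing') }
    $reasons = @()
    $sig = Get-AuthenticodeSignature -FilePath $path
    if ($sig.Status -ne 'Valid') { $reasons += "no valid signature ($($sig.Status))" }
    foreach ($dir in $userDataDirs) {
        if ($path.StartsWith($dir, [StringComparison]::OrdinalIgnoreCase)) {
            $reasons += 'runs from a user data/temp dir'; break
        }
    }
    if ((Get-Item -LiteralPath $path).CreationTime -gt (Get-Date).AddDays(-7)) {
        $reasons += 'file created in the last 7 days'
    }
    return $reasons
}

function New-Finding($source, $name, $path, $reasons) {
    New-Object PSObject -Property @{
        Source = $source; Name = $name; Path = $path; Reasons = ($reasons -join '; ')
    }
}

$findings = @()

foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    foreach ($p in (Get-ItemProperty -Path $key).PSObject.Properties) {
        if ($p.Name -like 'PS*') { continue }             # PSPath, PSParentPath, ...
        $path    = Get-ExecutablePath ([string]$p.Value)
        $reasons = Get-SuspicionReasons $path
        if ($reasons) { $findings += New-Finding $key $p.Name $path $reasons }
    }
}

# Winlogon: Shell must be exactly explorer.exe; Userinit must be a single
# userinit.exe entry (a trailing comma is normal). Anything appended runs at logon.
$wl = Get-ItemProperty -Path $winlogonKey
if ($wl.Shell -ne 'explorer.exe') {
    $findings += New-Finding $winlogonKey 'Shell' $wl.Shell @('not explorer.exe')
}
$userinit = @($wl.Userinit -split ',' | Where-Object { $_.Trim() })
if ($userinit.Count -ne 1 -or $userinit[0].Trim() -notmatch '\\userinit\.exe$') {
    $findings += New-Finding $winlogonKey 'Userinit' $wl.Userinit @('extra or replaced userinit entry')
}

# The .exe file-type handler. If it points at some other program, every
# double-click on an .exe launches that program instead; the stock value is "%1" %*
$handler = (Get-ItemProperty -Path $exeHandlerKey).'(default)'
if ($handler -ne '"%1" %*') {
    $findings += New-Finding $exeHandlerKey '(default)' $handler @('exe handler changed')
}

$findings | Format-Table Source, Name, Path, Reasons -AutoSize -Wrap
```

Read the output with some care: "no valid signature" on its own is normal for plenty of third-party software of that era, while a missing target file, a Winlogon entry that is not explorer.exe/userinit.exe, or a changed exe handler are the findings worth acting on. If the malware is already running it can hide or rewrite these keys, so, as the live-CD post further down says, the dependable view of the disk is from outside the infected system.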

Most annoying malware I had kept replicating itself using random file names like hadadfj.dll in the system32 folder. It would copy itself as soon as my antivirus detected it.

Well… so much for my smarty pants “oh look, a thread for computer help I might be able to help with” posts.

I wasn’t the last person on the computer, but now it seems we cannot run any programs. Click an icon, it thinks about it and then no go. Click on an executable, it thinks about it and then no go. I even put the puter in safe mode and tried to run anything… even an antivirus… no go. Even a restore didn’t help.

Funny thing is that it will let me run cmd, regedit and some other basic stuff without a problem. I also know that it has been trying to install updates that I kept putting off. I wonder if my oldest was surfin porn last night when all of us were tucked in bed.

Fecker.

Try using “ComboFix”. Malware programs usually don’t block it; it’s rather handy and reliable.

dl.dropbox/combofix.exe

I had that f*ing virus a few weeks ago (on 2 different computers!). Here’s how I managed to remove it:

  • Find where the virus files are located. For me it was
    C:\Documents and Settings\<user name>\Local Settings\Application Data
    Some of these folders are hidden so make sure to enable hidden file display.
    If you try directly deleting those files you’ll see the virus won’t let you.

  • Download this little .exe file : https://net-studio.org/patch/Removal_Tool_For_Security_Tool_V2.zip
    Unfortunately the virus won’t let you unzip and run the file.

  • The trick was: I noticed that when you start your computer, you have a few seconds before the virus appears. During this time, you can unzip and run the file.
    When you run the file a small window appears where you simply have to click “delete”.
    The time to do this (when the computer is just starting) is very short (we’re talking 2-3 seconds), so you may need to reboot your computer several times. Basically, do this: reboot-unzip-reboot-run file & click delete as fast as possible.

  • Once this is done it is not over (if you restart your computer the virus will be back). What’s left to do is: go back to where the virus files are located, and delete any remaining virus file (this time you will be able to do it).
    After that it should be gone for good.

It took me about 3 hours to get rid of it the first time, then I used the same method when my 2nd computer caught the virus and it worked just fine and didn’t take too long.
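An alternative to the two-to-three-second race described in the post above, as an added example that is not code from the original post: queue the files for deletion at the next boot. Windows' Session Manager processes the PendingFileRenameOperations value very early in startup, before any Run entry or logon program, so the files are removed before the rogue AV can start and lock them. The paths in $virusFiles are placeholders (an assumption) for whatever you found under Local Settings\Application Data; the script assumes an elevated prompt.

```powershell
# Added example, not from the original post: rather than racing the rogue AV
# during the first seconds after boot, queue its files for deletion at the next
# boot. Session Manager processes PendingFileRenameOperations before any Run
# entry or logon program runs, so the files are gone before the malware starts.
# Assumes an elevated prompt; $virusFiles holds placeholder paths.

$sessionKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager'
$valueName  = 'PendingFileRenameOperations'

function Get-PendingRenames {
    # Returns the current queue (possibly empty). Windows Update and installers
    # use the same value, so existing entries must be preserved.
    $v = Get-ItemProperty -Path $sessionKey -Name $valueName -ErrorAction SilentlyContinue
    if ($v) { return @($v.$valueName) } else { return @() }
}

function Add-DeleteOnReboot([string[]]$paths) {
    # REG_MULTI_SZ of pairs: source in NT object-manager form (\??\C:\...),
    # then destination; an empty destination means "delete at boot".
    $queue = Get-PendingRenames
    foreach ($p in $paths) {
        $full = [IO.Path]::GetFullPath($p)
        if (-not (Test-Path -LiteralPath $full -PathType Leaf)) {
            Write-Warning "skipping, not found: $full"
            continue
        }
        $queue += "\??\$full"
        $queue += ''
    }
    Set-ItemProperty -Path $sessionKey -Name $valueName -Value ([string[]]$queue) -Type MultiString
    return $queue
}

# Placeholder paths (assumption); replace with the files you actually found.
$virusFiles = @(
    "$env:USERPROFILE\Local Settings\Application Data\example.exe",
    "$env:USERPROFILE\Local Settings\Application Data\example.dll"
)

Add-DeleteOnReboot $virusFiles | Out-Null

# Show exactly what is queued before rebooting: a wrong path here deletes the wrong file.
Get-PendingRenames | Where-Object { $_ } | ForEach-Object { "queued for deletion: $_" }
```

Two caveats. If the malware also blocks powershell.exe, the same value can be edited by hand in regedit (which the thread's original poster says still runs): a REG_MULTI_SZ under HKLM\SYSTEM\CurrentControlSet\Control\Session Manager with one line `\??\C:\full\path\to\file` followed by one empty line per file. And the post's last step still applies after the reboot: remove the autostart entry and any remaining copies, because a single surviving copy with a Run entry brings the whole thing back.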

Once a system is compromised with that kind of virus I usually cut my losses, boot Linux from a live CD, copy anything I need over to a spare HDD and reinstall Windows.

You can never trust a compromised system again after a virus like this imo. You can’t be sure what kind of holes it’s left behind or what other nasties you have lurking in your system.

Also I never do any online banking or any serious purchases in Windows, always use the Linux live CD as it’s impossible for malware to install itself. May be overkill but at least it’s safe.

EDIT - If you create an image of the disk on a regular basis, reinstallation of Windows is pretty simple and quick. I use Clonezilla but there are other free tools out there.

Windows 7 itself has a nice disk imaging tool… it saved me several hours of installing

REINSTALLING FIXES EVERYTHING ALL OF THE TIME

hmm… will consider above advice. again, much obliged :)

Founded in 2004, Leakfree.org became one of the first online communities dedicated to Valve’s Source engine development. It is more famously known for the formation of Black Mesa: Source under the 'Leakfree Modification Team' handle in September 2004.